11 Nov 2021

Tiny Font Size Fools Email Filters in BEC Phishing

According to Microsoft, a new campaign has been observed targeting Microsoft 365 users deploying sophisticated obfuscation tactics to avoid security protections. The campaign is designed to harvest credentials. The business email compromise campaign is tricking natural language processing filters through hiding text in a one-point font size within messages. According

Read More
03 Aug 2021

Chipotle Emails Serve Up Phishing Lures

According to new information, a breach of Chipotle’s restaurant email marketing service last month has lead to customers being targeted with phishing lures in seemingly legitimate emails that then harvested users’ credentials. This attack mirrors earlier Nobelium attacks, according to researchers at Inky, who first reported that Chipotle’s email vendor

Read More
01 Oct 2020

Experts Warn of $15m Global BEC Campaign

A new widespread Business Email Compromise (BEC) campaign has already stolen over $15 million from roughly 150 organizations, according to cybersecurity professionals. The campaign was first discovered when Mitiga, an Israeli incident response specialist, was called in to investigate suspicious activity related to a multi-million dollar transaction. Mitiga then found

Read More
02 Sep 2020

Cyber-Attack on Norwegian Parliament

Marianna Andreassen, Norwegian parliament director, has confirmed that the government entity has been targeted by threat actors over the past week, resulting in a number of ministers’ email accounts being compromised. Andreassen called the attack “significant,” stating that unauthorized individuals gained access to sensitive information. Email accounts compromised include those

Read More
27 Aug 2020

Your email threads are now being hijacked by the QBot Trojan

Check Point researchers published a report detailing an ongoing campaign involving the QBot Trojan. Its operators have been targeting legitimate email threats to steal credentials and financial data through injecting the prolific malware by leveraging loopholes in the Microsoft Outlook software. Outlook is reportedly susceptible to a module that can

Read More
12 Dec 2019

Hackers allegedly emptied brokerage accounts with a simple email scam — here’s how to protect yourself

In November, prosecutors in New York stated that a Lithuanian man named Vytautas Parfionovas and an unknown co-conspirator emptied the brokerage accounts of several victims, ultimately stealing hundreds of thousands of dollars. The cybercrimes occurred over eight years, starting in 2011, and consisted of the two perpetrators tricking day traders

Read More